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Amendments to the Claims 

This listing of claims will replace all prior versions, and listings, of claims in 

the application: 



Listing of Claims: 

1-37. (canceled) 

38. (original) In a computer system comprising a token communicatively 
connected to a provider, a method of authenticating a user to use a system, comprising: 
generating, by the token, a random value; 

sending, by the token, the random value, a token ID, and a salt value to the 
provider; 

providing, by the user, a user password to the provider; 
generating, by the provider, a derived key based at least in part on the salt value 
and the password; 

applying, by the provider, a first key-based hash algorithm, using the derived key, 
to the token ID to provide a first hash value; 

generating, by the provider, a first challenge data instance based at least in part on 
the random value and the first hash value; 

sending, by the provider, the first challenge data instance to the token; 

generating, by the provider, a token unlock key based at least in part on the 
derived key; 



Application No. 1 0/502,478 Page 3 of 13 

Amendment dated August 25, 2006 
Reply to Office action of June 27, 2006 

sending, by the provider, the token unlock key to the token; 

generating, by the token, a second challenge data instance based at least in part on 
the random value and a second hash value, wherein the second hash value is stored on the 
token and is based on the token ID; 

determining, by the token, whether the first and second challenge data instances 

match; 

terminating, by the token, the method, if the first and second challenge data 
instances are determined not to match; and 

if the first and second challenge data instances are determined to match, then 
establishing an encrypted data transfer system between the token and the 
provider, 

unlocking with the token unlock key, by the token, locked first private data 

stored on the token, and 
authenticating the user for secured use of the system based at least in part on 

the unlocked first private data. 

39. (original) The method of claim 38, wherein the derived key is generated with 
a password-based encryption algorithm. 

40. (original) The method of claim 39, wherein the password-based encryption 
algorithm is based at least in part on PKCS #5. 
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41. (original) The method of claim 38, wherein the first hash algorithm is a hash 
function-based message authentication code. 

42. (original) The method of claim 38, wherein generating the token unlock key 
includes hashing the derived key to provide the token unlock key. 

43. (original) The method of claim 38, wherein generating the first challenge data 
instance includes mathematically binding together the first hash value and the random 
value to provide the first challenge data instance. 

44. (original) The method of claim 38, wherein 

generating the first challenge data instance comprises mathematically binding 
together the first hash value and the random value to provide the first challenge data 
instance; and 

generating the second challenge data instance comprises mathematically binding 
together the second hash value and the random value to provide the second challenge data 
instance. 

45. (original) The method of claim 38, wherein 

generating the first challenge data instance comprises mathematically binding 
together the first hash value and the random value to provide a first resulting value, and 
hashing the first resulting value to provide the first challenge data instance; and 
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generating the second challenge data instance comprises mathematically binding 
together the second hash value and the random value to provide a second resulting value, 
and hashing the second resulting value to provide the second challenge data instance. 

46. (original) The method of claim 38, wherein establishing the encrypted data 
transfer system comprises generating, by at least one of the token and the provider, a 
shared key. 

47. (original) The method of claim 46, wherein the shared key is a shared session 

key. 

48. (original) The method of claim 46, wherein the shared key is generated based 
at least in part on shared data that includes a Diffie-Hellman parameter set. 

49. (original) The method of claim 38, further comprising: 

combining, by the provider, a message and a present message value to provide a 
modified message; 

encrypting, by the provider, the modified message, using a shared key, to provide 

an encrypted message; 

combining, by the provider, the modified message and the random value to 

provide a first pre-hash value; 
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applying, by the provider, the first key-based hash algorithm, using the first hash 
value, to the first pre-hash value to provide a third hash value; 

combining, by the provider, the encrypted message and the third hash value to 
provide a signed message; . 

sending, by the provider, the signed message to the token; 

extracting, by the token, the encrypted message and the third hash value from the 
signed message received from the provider; 

decrypting, by the token, the encrypted message, using the shared key to provide 

the modified message; 

extracting, by the token, the message and the present message value from the 

decrypted encrypted message; 

combining, by the token, the message, the present message value, and the random 
value to provide a second pre-hash value; 

applying, by the token, the first key-based hash algorithm, using the second hash 
value, to the second pre-hash value to provide a signing hash value; and 

validating, by the token, the message, if the signing hash value and the third hash 
value match and the present message value is greater than a prior message value stored 
on the token. 



50. (original) The method of claim 38, further comprising 
combining, by the token, a message and a present message value to provide 
modified message; 
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encrypting, by the token, the modified message, using a shared key, to provide an 
encrypted message; 

combining, by the token, the modified message and the random value to provide a 
first pre-hash value; 

applying, by the token, the first key-based hash algorithm, using the second hash 
value, to the first pre-hash value to provide a third hash value; 

combining, by the token, the encrypted message and the third hash value to 
provide a signed message; 

sending, by the token, the signed message to the provider; 

extracting, by the provider, the encrypted message and the third hash value from 
the signed message received from the token; 

decrypting, by the provider, the encrypted message, using the shared key to 
provide the modified message; 

extracting, by the provider, the message and the present message value from the 

decrypted encrypted message; 

combining, by the provider, the message, the present message value, and the 
random value to provide a second pre-hash value; 

applying, by the provider, the first key-based hash algorithm, using the first hash 
value, to the second pre-hash value to provide a signing hash value; and 

validating, by the provider, the message, if the signing hash value and the third 
hash value match and the present message value is greater than a prior message value 
stored on the provider. 
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51. (original) The method of claim 38, wherein unlocking the locked first private 
data comprises decrypting the locked first private data with the token unlock key. 

52. (original) The method of claim 38, 

wherein the unlocked first private data includes at least one user credential 

associated with the user; and 

wherein authenticating the user includes providing at least one of the at least one 
user credential to the system to grant the user cryptographic reading authority. 

53. (original) The method of claim 38, 

wherein the unlocked private data includes at least one user credential associated 
with the user, and 

wherein authenticating the user includes providing at least one of the at least one 
user credential to the system to grant the user cryptographic writing authority. 

54. (original) The method of claim 38, wherein the system further comprises a 
biometric reader communicatively connected to the provider, the locked first private data 
includes an encrypted biometric template, and the method further comprises: 

sending, by the token, the encrypted biometric template to the provider; 
decrypting, by the provider, the encrypted biometric template with the derived 

key; 
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providing, by the user, a biometric sample via the biometric reader to the 
provider; 

determining, by the token, whether the biometric sample corresponds to the 
decrypted biometric template; 

terminating the method, by the provider, if the biometric sample is determined not 
to correspond to the decrypted biometric template; 

if the biometric sample is determined to correspond to the decrypted biometric 

template, 

applying, by the provider, one of the first key-based algorithm and a second 
key-based algorithm, using the derived key, to the decrypted biometric 
template to provide a third hash value, 
generating, by the provider, a third challenge data instance based at least in 

part on the third hash value and the random value, and 
sending, by the provider, the third challenge data instance to the token; 
generating, by the token, a fourth challenge data instance based at least in part on 
the random value and a fourth hash value, wherein the fourth hash value is stored on the 
token and is based on the biometric template; 

determining, by the token, whether the third and fourth challenge data instances 

match; 

terminating, by the token, the method if the third and fourth challenge data 
instances are determined not to match; and 
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if the third and fourth challenge data instances are determined to match, unlocking 
with at least a portion of the unlocked first private data, by the token, locked second 
private data stored on the token; 

wherein authenticating the user for secured use of the system further requires that 
the third and fourth data instances are determined to match. 

55. (original) The method of claim 38, wherein the system further comprises a 
biometric reader communicatively connected to the token, the locked first private data 
includes an encrypted biometric template, and the method further comprises: 

providing, by the user, a biometric sample via the biometric reader to the token; 

decrypting, by the token, the encrypted biometric template with the derived key; 

determining, by the token, whether the biometric sample corresponds to the 
decrypted biometric template; 

terminating the method, by the token, if the biometric sample is determined not to 
correspond to the decrypted biometric template; and 

if the biometric sample is determined to correspond to the decrypted biometric 
template, unlocking, by the token, with at least a portion of the unlocked first private 
data, locked second private data stored on the token; 

wherein authenticating the user for secured use of the system further requires that 
the biometric sample is determined to correspond to the decrypted biometric template. 
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56. (original) The method of claim 55, wherein the biometric reader is integral 
with the token. 



57. (original) The method of claim 38, wherein establishing the encrypted data 
transfer system comprises encrypting messages exchanged between the token and the 
provider with an encryption key. 

58. (original) The method of claim 57, further comprising: 

sending, by the token, an encrypted instance of the encryption key and an 
encrypted user profile associated with the user to the provider; 

applying, by the provider, a key derivation function to the derived key and the 
first hash value to provide a cryptographic key; 

decrypting, by the provider, the encrypted instance of the encryption key; 

decrypting, by the provider, the encrypted profile with the encryption key; and 

providing, by the provider, the decrypted user credential to the system to grant the 
user at least one of cryptographic reading authority and cryptographic writing authority. 

59. (currently amended) In a computer system comprising a token 
communicatively connected to a provider, a method of authenticating a user to use a 

system, comprising: 

sending, by the token, a token ID, a salt value, an encrypted instance of an 
encryption key, and an encrypted user profile to the provider; 
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providing, by the user, a user password to the provider; 
generating, by the provider, a derived key based at least in part on the salt value 
and the password; 

applying, by the provider, a first key-based hash algorithm, using the derived key, 
to the token ID to provide a first hash value; 

applying, by the provider, a key derivation function to the derived key and the 
first hash value to provide a cryptographic key; 

decrypting, by the provider, the encrypted instance of the encryption keyjo 
provide a decrypted en cryption key; 

decrypting, by the provider, the encrypted user profile with the decrypted 
encryption W tn provide a decrypt ed user credential; and 

providing, by the provider, the decrypted user credential to the system to grant the 
user at least one of cryptographic reading authority and cryptographic writing authority. 



